Security Scan Report: safercar.gov

Redirected to:
https://www.nhtsa.gov/campaign/safercargov?redirect-safercar-sitewide
Site favicon
Submitted: May 29, 2026, 6:38:02 AMCompleted: May 29, 2026, 6:40:21 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main domain is nhtsa.gov and was registered NaN years ago.

Submitted URL: https://safercar.gov

Effective URL: https://www.nhtsa.gov/campaign/safercargov?redirect-safercar-sitewideRedirected

The Cisco Umbrella rank of the primary domain is #325,385 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 95%

5
Risk Score

Despite official‑looking branding, the page contains critical malicious JavaScript signatures, indicating malware distribution.

Risk Factors
Obfuscated JavaScript with high entropy and eval() usage
Critical and high severity YARA malware detections
Domain rank far below typical government sites
Potential brand mismatch (safercar.gov vs nhtsa.gov) in meta tags
Safety Factors
Domain age > 27 years (well‑established)
Official redirect to nhtsa.gov campaign page
No credential or payment forms present
Established domain (10107 days old) with no strong malicious indicators — risk clamped from 10 to 5
Domain age information unavailable

Details

Page Title

Access Denied

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government public service

(59%)

Domain Information

Domain 'safercar.gov' uses the United States government-restricted top-level domain (.gov). The registrable portion 'safercar' spans 8 characters split between 3 vowels and five consonants. Splitting it apart reveals two words: safer, car. Median word length comes out to 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://safercar.gov

Page Load Overview

4.13s
Total Load Time
52
HTTP Requests
19
Domains
1.4 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:2,197 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service59% confidence
Type: spa
Method: ml+structural

All Detected Categories

government public service
59%
government
48%
documentation technical
26%

Detected Features

Search
OG: Campaign Page
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
26204.68.194.196United States
AS2576U. S. Department of Transportation
2623.67.140.157Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
522--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12DE02BFFF00B010B4F259E8369F23104F57514F576966BC4AE07E09A850DEEC8C629A4

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6:qzxwyEr6VPWxxdGztAc4gFWgkmVnhwM4a4dGmVnh4KKqz:kxVRpedgbRhNZ4dDh3j

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:1:0:1198d4ae93094688304f1fd3502570a4

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:1f3fffffffffffff
Perceptual Hash:870707070707fbf9
Difference Hash:e040000000000000
Wavelet Hash:1030f0f0f0f0f0f0
Color Hash:#8ebf40

Other Hashes

Crop Resistant:e040000000000000

Scan History

Scan history not available

Unable to load historical scan data